package com.xiaofan.config;

import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.Serializable;

/**
 * @author 晓帆
 * @version 1.0
 **/
public class MallSessionManager extends DefaultWebSessionManager {
    /**
     * 维护session的跨域一致性，执行完登录操作完成认证后会在给前端返回sessionid,前端会在请求头上返回sessionId
     *
     * @param request 1
     * @param response 2
     * @return Serializable
     */
    @Override
    protected Serializable getSessionId(ServletRequest request, ServletResponse response) {
        HttpServletRequest httpServletRequest= (HttpServletRequest) request;
        ///前端会把sessionID放到Header当中 key为“X-cskaoyan-mall-Admin-Token”/"X-cskaoyan-mall-wx-token"当中
        String sessionId = httpServletRequest.getHeader("X-cskaoyan-mall-Admin-Token");
        if (sessionId!=null&&!"".equals(sessionId)){
            return sessionId;
        }
        return super.getSessionId(request, response);
    }
}
